Re: Major security hole in Hyperledger Fabric - Private Data is not private #fabric #fabric-questions #ssl #fabric-dstorage #fabric-chaincode


Ivan Ch <acizlan@...>
 

Hi jeroiraz
Oct:


:

In the example above, if peers do not have a way to validate your national ID, peers may never claim the provided or stored data is valid. This scenario is not limited to HF or Blockchain but to any procedure
there are actually quite a few ways to validate anything including national ID using ZKP or ZKP like technique (e.g. I can design my crypto to validate if the two text data encrypted by different keys are actually the same text), but you can't do anything with hashes 

Dave, Jay.
The chaincode can require that the transaction submitter include the private data in the transient field when invoking the chaincode. Any party that endorses the chaincode execution will have the private data, and it will also be disseminated to all other collection members. If the transaction submitter does not provide the private data at chaincode invocation time, they will not be able to gather sufficient endorsements, and the transaction will not be validated.
as you said "Any party that endorses the chaincode execution will have the private data". here is the dilemma , you either make the private data known  (whoever can endorse it must know your data), or allow adversaries to take advantage of it and trick others with unverifiable blockchain data.

sure, this is not a fabric problem but a methodology problem, but fabric makes it a feature for people no-so-educated-on-security to use it and use it wrong. 

Join fabric@lists.hyperledger.org to automatically receive all group messages.